HTTP Applications

Almost 100% of all web applications are primarily protected by passwords with a few having additional protection in the form of second factor authentication. Here we will look at using various tools to infilterate a web application that uses HTTP for communication.

Htaccess Protected Directory

A directory within a web server's instance can be password protected using the htaccess file. In order to break through the protection mechanism provided by the htaccess file, we will use medusa.

medusa -h 192.168.1.1 -u admin -P /usr/share/wordlists/rockyou.txt -M http -m DIR:/admin

Last updated